CVE-2025-58736

Severity

7.0HIGH

EPSS

0.1%

top 83.71%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedOct 14

Description

Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally.

CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.0 | Impact: 5.9

▶NVDmicrosoft/windows< 10.0.17763.7919+4

CVEList

Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability↗2025-10-14

▶

GHSA

GHSA-mx9f-r289-q79h: Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally↗2025-10-14

▶

Microsoft

Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability↗2025-10-14

▶